From 865a21458d9746189c66a74dd47e11692b33b4ba Mon Sep 17 00:00:00 2001
From: ThompsonNye <thomas.nuyken@noreply.code.nuyken.dev>
Date: Sun, 3 Aug 2025 19:45:34 +0200
Subject: [PATCH] Configure keycloak correctly in api

---
 PresentPortal.ApiService/Program.cs       | 12 ++++++++----
 PresentPortal.Shared/KeycloakConstants.cs |  8 ++++++++
 2 files changed, 16 insertions(+), 4 deletions(-)
 create mode 100644 PresentPortal.Shared/KeycloakConstants.cs

diff --git a/PresentPortal.ApiService/Program.cs b/PresentPortal.ApiService/Program.cs
index 3992d70..6f34789 100644
--- a/PresentPortal.ApiService/Program.cs
+++ b/PresentPortal.ApiService/Program.cs
@@ -12,11 +12,15 @@ builder.Services.AddProblemDetails();
 builder.Services.AddOpenApi();
 
 builder.Services.AddAuthentication()
-    .AddKeycloakJwtBearer(ServiceNames.Keycloak, "TODO", options =>
+    .AddKeycloakJwtBearer(ServiceNames.Keycloak, KeycloakConstants.Realm, options =>
     {
-        options.Audience = "TODO";
-        options.Authority = "TODO";
-        // options.
+        var keycloakHost = builder.Configuration.GetValue<string>($"services:{ServiceNames.Keycloak}:http:0")
+            ?? throw new InvalidOperationException("Keycloak host is not configured.");
+        
+        options.MetadataAddress = $"{keycloakHost}/realms/{KeycloakConstants.Realm}/.well-known/openid-configuration";
+        options.RequireHttpsMetadata = !builder.Environment.IsDevelopment();
+        options.Audience = KeycloakConstants.ClientId;
+        options.Authority = keycloakHost;
     });
 builder.Services.AddAuthorization();
 
diff --git a/PresentPortal.Shared/KeycloakConstants.cs b/PresentPortal.Shared/KeycloakConstants.cs
new file mode 100644
index 0000000..aa77089
--- /dev/null
+++ b/PresentPortal.Shared/KeycloakConstants.cs
@@ -0,0 +1,8 @@
+namespace PresentPortal.Shared;
+
+public static class KeycloakConstants
+{
+    public const string Realm = "present-portal";
+    
+    public const string ClientId = "present-portal";
+}
\ No newline at end of file